RSA Adaptive Authentication for eCommerce is a comprehensive authentication and fraud detection solution for the eCommerce market. The solution is based on the 3DSecure protocol (""Verified By Visa"" and ""MasterCard SecureCode"") and is powered by risk-based authentication, an intelligent system that authenticates a user by measuring a series of risk indicators. Transparent authentication provides a user-experience in which a customer is only challenged in high-risk scenarios.
What's New in Adaptive Authentication for eCommerce v17.0
RSA Adaptive Authentication for eCommerce v17.0 introduces the new Policy Management application. It is a new, GUI-based application which provides enhanced usability and policy visibility. You can use the application to create a risk-management policy that is aligned with the security needs of your organization, for managing fraud loss, card-holder experience, and case volume. A policy contains a set of rules for a specific business need. Each rule includes at least one logic condition and an action.
Note: The Policy Management application is available for customers who use RSA Adaptive Authentication for eCommerce.
The following features are included in the new Policy Management application:
- Policy Editing. In the New Rule wizard, you can create, edit and construct a rule. You can construct a rule by defining the following elements:
- General rule details: Rule Name, Description, Status, Comment, Order
- Conditions: Facts, Operators, Lists
- Actions: Allow, Challenge, Decline
- Managing Rules. You can manage existing rules in the Manage Rules table.
- Managing Lists. You can view, create, edit, and delete lists used in rules.
- Testing Rules. You can assign a rule Test status. A Test rule includes the following attributes:
- A Test rule runs on production data but no action takes place except case creation.
- Statistics are collected to analyze the effectiveness of a Test rule.
- When a Test rule is triggered, the activity is recorded in the database.
- If a case is created in the Case Management application, you can determine whether the case was created by a Test rule or a Production rule.
- Approval Process. RSA applies checks and balances so that rules are not automatically integrated into the production environment. To change the status of a rule, a user must first submit a request. For a rule to be promoted to the production environment, a user with suitable permissions must approve the rule status change. For more information, see the Back Office Applications UserÕs Guide, Customer Service Administration Application chapter.
- Publishing Updates. Once a policy change is approved, it is implemented in the production environment for seamless integration.
- Roles and Permissions. A user of the new Policy Management application can be assigned various roles. Each role defines a unique set of permissions. Roles are hierarchical and a rule provides a user access only to the specific functions that role is allowed to perform.
- The Policy Management application is currently supported only on Internet Explorer.
- In order to maintain full backward compatibility, RSA only implements the Policy Management application available with v17.0, as per a customer request. The implementation takes place after a mutually defined set of required rollout steps are coordinated via the official support channels. By default, system behavior is not changed in v17.0 from system behavior in previous versions.
Documentation Set Enhancements
The following documentation set revisions and enhancements are included in this release:
- Policy Management Chapter Updated in Back Office Applications UserÕs Guide
In the RSA Adaptive Authentication for eCommerce Back Office Applications User's Guide, the Policy Management chapter provides
information about the new Policy Management application.
- Risk Contributors List Moved to Back Office Applications Users Guide
The list of risk contributors has moved from the RSA Adaptive Authentication for eCommerce Raw Data Reports
Users Guide to the RSA Adaptive Authentication for eCommerce Back Office Applications User's Guide, Appendix D.
For US customers, the environment is available from October 26, 2014.
For other customers, the environment is available from November 2, 2014.
For more information, contact your RSA support representative.